Jack L.

@randohacker

computer hacking @ NCC Group. . earnest. applied cryptography, Linux kernel, memory (un)safety.

Bay Area, CA, USA
Vrijeme pridruživanja: lipanj 2019.

Tweetovi

Blokirali ste korisnika/cu @randohacker

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @randohacker

  1. Prikvačeni tweet
    8. stu 2019.
    Prikaži ovu nit
    Poništi
  2. 31. sij
    Poništi
  3. proslijedio/la je Tweet

    Attending tomorrow? Make sure to check out our very own Mark Manning's discussion "Real-World Kubernetes Security for "

    Poništi
  4. 31. sij
    Poništi
  5. 30. sij
    Poništi
  6. proslijedio/la je Tweet
    Prikaži ovu nit
    Poništi
  7. 29. sij

    I wonder how widely this (honoring a CSR’s requested extensions) is supported in general? By default anywhere?

    Prikaži ovu nit
    Poništi
  8. 29. sij
    Prikaži ovu nit
    Poništi
  9. proslijedio/la je Tweet
    23. sij

    New blog post: The Life of a Bad Security Fix: We'll do more shorter-form blogs like this rather than just tweet into the void over several months about the journeys of bad fixes:

    Poništi
  10. 27. sij
    Poništi
  11. proslijedio/la je Tweet
    26. sij
    Odgovor korisniku/ci
    Poništi
  12. proslijedio/la je Tweet
    23. sij

    Welcome changes for kernel: and the mailing list version for contrast: Gerrit has side-by-side diffs, full expandable context, non-lossy comments attached to lines. Here are docs:

    Prikaži ovu nit
    Poništi
  13. proslijedio/la je Tweet
    22. sij

    I wrote up a brief technical note on FTI Consulting's forensic report into the Jeff Bezos Hack, with some thoughts on where the investigation should go next:

    Prikaži ovu nit
    Poništi
  14. 22. sij

    (not surprised i transposed fcntl 🤬😝)

    Prikaži ovu nit
    Poništi
  15. 22. sij

    Mostly unrelated, but it doesn’t look like macOS has “atomic” CLOEXEC APIs. You can set it with fctnl(...) after opening (as you can in Linux), but see open(2)‘s man pages for why that’s risky:

    Prikaži ovu nit
    Poništi
  16. 22. sij

    the newer pidfd-related APIs return CLOEXEC fds by default, which prevents fd leakage through inheritance across fork/execve (e.g. after setreuid privdrop). hopefully new kernel APIs follow this trend!

    Prikaži ovu nit
    Poništi
  17. 16. sij
    Poništi
  18. proslijedio/la je Tweet
    15. sij
    Odgovor korisnicima

    It gets harder: less reliable, and more obvious, all of which make it less compelling and easier to address. This is why Google is coupling this to other efforts to reduce fingerprintability. IP Privacy is the elephant in the room-- only Tor credibly helps there atm.

    Poništi
  19. proslijedio/la je Tweet
    16. sij

    I posted a thing: . Shoutout to for their awesome help. And thanks for the encouragement.

    Poništi
  20. proslijedio/la je Tweet
    14. sij

    this is part of a short "how containers work" series I'm slowly working on, you can see more parts here:

    Prikaži ovu nit
    Poništi
  21. 14. sij
    Prikaži ovu nit
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·